The vulnerabilities lie in the WPA2 “4-way handshake” and would allow an attacker within Wi-Fi range to decrypt traffic, inject HTTP content, hijack TCP connections, replay IP packets, and more.

In the passage below, the researchers describe how a KRACK attack works:

“All protected Wi-Fi networks use the 4-way handshake to generate a fresh session key. So far, this 14-year-old handshake has remained free from attacks and is even proven secure. However, we show that the 4-way handshake is vulnerable to a key reinstallation attack. Here, the adversary tricks a victim into reinstalling an already-in-use key.

This is achieved by manipulating and replaying handshake messages. When reinstalling the key, associated parameters such as the incremental transmit packet number (nonce) and receive packet number (replay counter) are reset to their initial value. Our key reinstallation attack also breaks the PeerKey, group key, and Fast BSS Transition (FT) handshake.

The impact depends on the handshake being attacked, and the data-confidentiality protocol in use. Simplified, against AES-CCMP an adversary can replay and decrypt (but not forge) packets. This makes it possible to hijack TCP streams and inject malicious data into them. Against WPA-TKIP and GCMP the impact is catastrophic: packets can be replayed, decrypted, and forged.

Because GCMP uses the same authentication key in both communication directions, it is especially affected.”
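As an added illustration (not part of the original article or of the researchers' code), the following Python model shows why a reset packet number is the dangerous part: a simplified station whose key installation resets the nonce is compared with one that refuses to reinstall a key already in use. The HMAC-based keystream, the `Supplicant` class and the payloads are constructed stand-ins, not CCMP itself.

```python
import hmac
import hashlib

def keystream(key: bytes, packet_number: int, length: int) -> bytes:
    """Keystream from (key, packet number): constructed HMAC stand-in for the AES
    counter-mode keystream CCMP/GCMP use, sharing its nonce-reuse property."""
    out = b""
    block = 0
    while len(out) < length:
        msg = packet_number.to_bytes(6, "big") + block.to_bytes(2, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Supplicant:
    """Client key state: the pairwise session key and its transmit packet number (nonce)."""
    def __init__(self, refuse_reinstall: bool):
        self.key = None
        self.tx_pn = 0
        self.refuse_reinstall = refuse_reinstall

    def install_key(self, key: bytes) -> bool:
        # Vulnerable: every install, including a re-install of the same key, resets
        # the packet number to zero. Hardened: an already-installed key is ignored,
        # so the nonce keeps counting up and the key is never reinstalled.
        if self.refuse_reinstall and key == self.key:
            return False
        self.key = key
        self.tx_pn = 0
        return True

    def encrypt(self, plaintext: bytes) -> tuple:
        self.tx_pn += 1
        return self.tx_pn, xor(plaintext, keystream(self.key, self.tx_pn, len(plaintext)))

def run_scenario(refuse_reinstall: bool) -> dict:
    """One data frame, a replayed handshake message 3 (key reinstall), then another frame.
    Reports whether the nonce repeated and whether XOR of ciphertexts equals XOR of plaintexts."""
    key = b"\x11" * 16                                        # constructed session key
    p1, p2 = b"GET /login HTTP/1.1", b"user=alice&pw=hunter"  # constructed payloads
    sta = Supplicant(refuse_reinstall)
    sta.install_key(key)
    pn1, c1 = sta.encrypt(p1)
    sta.install_key(key)                                      # the replayed message 3
    pn2, c2 = sta.encrypt(p2)
    return {"nonce_reused": pn1 == pn2, "plaintext_xor_leaks": xor(c1, c2) == xor(p1, p2)}
```

With the vulnerable station the second frame reuses packet number 1, so an eavesdropper holding both ciphertexts learns the XOR of the two plaintexts; the hardened station keeps counting and the two frames stay independent.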

Researchers demonstrated a KRACK attack against Android and Linux, and were able to intercept the username and password of a dating site.

“The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected,” say the authors of the paper. “To prevent the attack, users must update affected products as soon as security updates become available.”

The Wi-Fi Alliance released a statement regarding the KRACK attack, saying: “This issue can be resolved through straightforward software updates, and the Wi-Fi industry, including major platform providers, has already started deploying patches to Wi-Fi users. Users can expect all their Wi-Fi devices, whether patched or unpatched, to continue working well together.”

On November 1st, Mathy Vanhoef and Frank Piessens will present their research at the ACM Conference on Computer and Communications Security (CCS 2017 – Session F3).